* Posts by big_D

6775 publicly visible posts • joined 27 Nov 2009

Ex-Mozilla CTO: US border cops demanded I unlock my phone, laptop at SF airport – and I'm an American citizen

big_D Silver badge

So, don't live within 100 miles of the coast, 100 miles from the Canadian or Mexican borders or 100 miles from an inland harbour or airport... What about foreign embassies? There are borders around them as well.

That pretty much means anybody living in a major city in America isn't covered by the constitution?

big_D Silver badge
Thumb Up

Cheap Chromebooks? But here we generally have a handful of old laptops kicking around waiting to be taken to the recycling center.

Re-install Windows, deep erase the free space and put essential software for the trip on it. Then the CBP/TSA can take care of recycling it for us.

big_D Silver badge

Just take throw-away devices. If CBP unlock the device and remove it from your presence, you can never trust the device again for connecting to a private network or accessing any non-public information.

A friend of mine was given advice from authorities on travelling to China: use a burner phone and burner laptop and drop them in the trash at the Chinese airport on the way back home. I would say, the same applies for travelling to the USA these days.

Amazon consumer biz celebrates ridding itself of last Oracle database with tame staff party... and a Big Red piñata

big_D Silver badge
Coat

Condition: Used good - some light scratching on the underside of the license.

Only one Huawei? We pitted the P30 Pro against Samsung and Apple's best – and this is what we found

big_D Silver badge

Re: "likely to be used is in street photography"

When we go out and people start taking photos, at parties, for example, she explicitly states that they do not have her permission to upload any photo containing her to the Internet.

That is legally binding here. If anyone does upload an image of her, they could face prosecution.

big_D Silver badge

The photographer also makes a big difference. Give a good photographer a bad camera and they will still take great photos. Give a poor photographer the best camera and it is still a crap-shoot, whether you will get a good photo out of them.

big_D Silver badge

To a point, yes. The best photos I ever took were with my dirt cheap Praktica MTL3, 28mm wide angle, 50mm standard, macro rings and telephoto adapters, the latter 2 second hand. The photos on my Instamatic before it were okay, but I took some excellent shots with the Praktica, mainly because, as a 12 year old, developing a film cost a lot of money, so I learnt how to properly frame an image and get everything right, before pressing the shutter.

I later got a Canon EOS 500, with a 23-250mm zoom lens, but, to be honest, the photos were not better than what I took with the Praktica. Then I went through a series of compact digital cameras, with the small memory cards, I still took time to line up photos.

With my EOS 500D and my Sony Alpha, I take some great photos, but there are some from the Praktica that I still haven't surpassed for framing and lighting. It is also interesting, even though I have Photoshop Element and Affinity Photo, I very rarely do any post processing on my photos.

I probably use my smartphone's camera for less than 1% of all photos taken each year.

big_D Silver badge

Re: "likely to be used is in street photography"

Not over here, you have to get them to sign a waiver before you can photograph them.

big_D Silver badge

Re: Exploding heads...

This was a range of around 100 photos, from 1 person portraits relatively close to family groups at a distance. All of them look that way - and really, the bodies in the group photos were at different levels, but even the taller bodies were normal next to shorter people with blown-up heads. And yes, I'm tall, but my (very short) wife took some of the photos as well as someone of medium height making the group photos of our family.

It was a real shame I didn't bring along a proper camera.

big_D Silver badge

Re: manual mode...

I used my Mate 10 Pro's camera for the first time for a serious photograph (other than photographing serial numbers on server room kit for documentation) at a wedding recently. What annoyed me was looking at the pictures afterwards, I'd left it in auto mode and all of the heads of the people had been blown up, so they looked like nodding head caricatures.

big_D Silver badge

It also depends on what you want to photograph. I do a lot of nature photography, so it is either macro close-ups or distance small animals. Neither of which a phone camera can really cope with. When you are trying to photograph a strutting hawk at 400M, even a "normal" telephoto lens on a decent DSLR isn't going to give you much detail, you are talking about long lenses that cost more than an iPhone Xs Max...

big_D Silver badge
Boffin

Exploding heads...

How do the people photos look? I have a Mate 10 Pro and a P20 (home and work) and in automatic mode, they enlarge the heads, so that they look more like nodding head caricatures.

How do you sing 'We're jamming and we hope you like jamming, too' in Russian? Kremlin's sat-nav spoofing revealed

big_D Silver badge

Yes, I was taught, never trust GPS, always check it against your own calculations, and if they don't match, recalculate your position again.

big_D Silver badge

Navigation

When I did my sea navigation courses, the first thing they taught you was not to rely on GPS. Always plot your course and use GPS as a guide, but never trust it, if your course tells you one thing and GPS another, always assume GPS is wrong and double check your charts.

I guess my teacher knew what he was talking about.

Microsoft's corporate veep for enterprise puts the boot into boot times

big_D Silver badge

Re: Please name the agents

Agreed. Once the things are actually booted, they stay on, going into suspend mode when not in use, until the next patch requires a reboot.

I guess the PCs get rebooted once or twice a month. The rest of the time, it is suspend mode, which has them back up and running in a second or two.

big_D Silver badge

Re: Transition to Windows 10

They generally control plant equipment running into 6 figures, which is still working fine. The newer software only works with newer versions of the plant equipment, so a 6 figure reinvestment, because the OS is out of support.

Alternatively, just isolate the PCs from the network.

big_D Silver badge

Transition to Windows 10

"What we are seeing right now is 99.9 per cent of all the apps that we are seeing on Windows 7 are compatible for Windows 10 and we can prove that with the data."

And what about those that failed the transition to Windows 7?

big_D Silver badge

Re: Please name the agents

We just have Kaspersky on our machines. My ThinkPad takes around 20 seconds to boot and another 15 to log on.

At home, the BIOS screen on my Ryzen desktop takes 3 times as long as the Windows boot process (~10 seconds). Logging on takes another 3 - 4 seconds. My Spectre X360 (Skylake) takes around 20 seconds to boot and 10 seconds to log on.

But I don't fill my PCs up with crapware.

Searching for Skylab: Even the most casual astro-nerd will revel in this respectful elegy to unsung space history

big_D Silver badge
Coat

Terrified...

"I went to bed terrified that our house, and our house alone would be the one it hit. I woke up the next morning very relieved that it wasn't."

I'm glad for him, that his house wasn't alone in being hit. Oh, wait... :-D

Glad it left such an impression on his life (as opposed to him), that he has made the film.

TP-Link 'smart' router proves to be anything but smart – just like its maker: Zero-day vuln dropped after silence

big_D Silver badge

Re: I'd have some sympathy if at least made an effort

As I said, I have nothing against Google reporting it after 90 days. What I do disagree with is Google providing malware writers with a zero-day kit to work with.

You don't need to publicly issue a proof of concept on day zero. They could privately disclose that to other security researchers to get them to validate their findings, for example. Releasing a script a week or 2 after the initial report would also be, in my opinion, "responsible."

big_D Silver badge

Re: I'd have some sympathy if at least made an effort

Agreed, but on the other hand, Google shouldn't throw the innocent users under a bus!

If Google had just publicly reported a zero-day and warned users to switch routers or shame TP-Link into responding, I'd be right behind them, but releasing a zero-day script against all those users is irresponsible.

big_D Silver badge

Re: When A Guy from . . .

Given that, when a Google server DOSed us, Google's response to all "normal" (abuse@, webmaster@ etc.) email accounts was "we receive so many emails on this account that we don't read any," and phoning them just landed in an automated system that jumped back and forth for 10 minutes before cutting the line, I wouldn't bother responding to them either.

They also didn't respond on Twitter either.

In the end, we contacted our ISP, got the Google server blocked at their perimeter for a month and changed our external IP address.

Are you sure you've got a floppy disk stuck in the drive? Or is it 100 lodged in the chassis?

big_D Silver badge

Re: One, OK, hundred, I have my doubts

Oh, they can really be that stupid. They can also be very good... It just depends, like any other profession. I've had good users and bad in most departments and positions.

Perhaps the biggest disruption was moving to WordPerfect 5.1 with laser printers with proportional fonts! Very few of the secretaries had used the tabulator on the old manual typewriters, or the first word processing system or the first PCs with DisplayWrite 4. They just used spaces.

Then, along came WP5.1, a 1 day training course, with over an hour dedicated to tabs and proportional fonts and still the most common call to the helpdesk afterwards was that the tables lined up on the screen (non-proportional fonts on a DOS screen), but didn't line up when printed (Times New Roman proportional on the printer).

Someone's spreading an MBR-trashing copy of the Christchurch killer's 'manifesto' – and we're OK with this, maybe?

big_D Silver badge

Re: It's 2019 and...

Standard settings in Office today disable macros and dynamic content by default. The user has to jump through hurdles to enable it - or they bypass the default security settings to allow unsigned code to be executed.

Tough cookies: MEPs call for EU websites to be scrubbed of trackers

big_D Silver badge

Re: I did a brief study in December last year..

Many sites do have an opt out of everything button, but unless you go through the source, you can't be 100% sure.

I have third party cookies disabled, I use Quad9 filtered DNSSEC and I use a Pi-Hole at home.

Xiaomi's Mi-too attempt at a pholdable: Not one, but TWO creases of fail

big_D Silver badge
Coat

Re: folding away

I'm waiting for the Japanese model, with full Origami mode, you can fold it up into a swan, or a unicorn, when not in use.

Mine's the Gaff look-alike raincoat.

What bugs me the most? World+dog just accepts crap software resilience

big_D Silver badge

Re: Who bears the cost ?

And Apple, and Google, and Oracle, and Facebook, and and and...

big_D Silver badge

And that is the problem, people have become so used to cheap, they don't actually have any idea of what something is actually worth, if it is a quality product.

And what does more expensive mean? If you take into account time lost due to crashes, workarounds, rebuilds etc. The "more expensive" is probably a lot cheaper than the current "cheap" price, when you take everything into account.

big_D Silver badge

Situation

We need to get ourselves into the situation where normal practice is for consumers who suffer bugs to report them to the developers, whose normal practice is to diagnose and fix them.

We need to get into the situation where users/customers accept "proper" pricing. You can rant on about quality all you like, but if the customer isn't willing to pay for quality, they won't get it.

We have had a couple of decades now, where prices have been pushed to the limit, there is no more working margin on many products. The supplier can only survive through sheer volume. The food industry is a prime example, meat, eggs etc. have been pushed to such a low level by the discounters, like Lidl and Aldi, that the farmers are often on the poverty line.

They get a contract from a discounter for 10 times what they currently produce, but the margin is okay. They invest in new stock and new processing machinery to cope with the increased volume. Then, when the initial contract period is over, the discounter comes back and offers a quarter or half of what they are currently paying, take-it-or-leave-it. The farmer can't actually turn a profit at the reduced price, but they still have to pay off the loans for the additional equipment and stock. They either have to take the contract and build up more debt or declare bankruptcy.

The online shops are doing the same for other areas, they push prices down to the point where suppliers can only continue to make the product if they cut corners to meet those new prices. The consumer gets used to getting everything cheap, but complains that nothing lasts like it used to.

I replaced my electric toothbrush a couple of years ago, the old model's battery had held up for over a decade, but it was down to needing to be on the charger all the time, instead of recharging every 2 - 3 weeks. I got the replacement model, it cost a little less than I had paid for the previous model, but the build quality was not a patch on the old one. Even some of the comfort features were missing, like the battery LED, it was still there, but instead of going from green to yellow to red to flashing red, it went from green to flashing green - after 2 days use and stays at flashing green until the battery is empty 2 weeks later! But a green LED probably saves a couple of cents on the build price, compared to a multi-colour one.

Today, nobody is looking to make a product that lasts a couple of decades and build up good sales of quality, expensive products based on reputation, instead they build the product to last just longer than the legal guarantee period and keep developing new products with new gimmicks that nobody needs, in the hope that when the old version breaks, you will come back to the same tat vendor to buy the newer model.

Software is the same story. When I first started, software cost a small fortune, but it was generally reliable. Now it is dirt cheap, but often gets near daily updates to fix problems, because proper testing was cut out of the "quality" chain, because it costs money.

Cheap flights anyone? Anyone really surprised that so many discount airlines are currently going bust? Nobody is willing to pay what it really costs to get from A to B, because we have become used to dirt cheap deals.

Huawei's 2019 flagship smartphones: 'Things nobody else can do' but baby I swear it's déjà vu

big_D Silver badge
Coat

Re: electro magnetic levitation

Does this mean, that if I drop the phone, the screen won't break because it levitates?

Mine's the one with the phone with a broken screen in the pocket.

Autopilot engineer drove off to Chinese rival with our top-secret blueprints in the glovebox, Tesla claims in sueball

big_D Silver badge

Re: SOP?

The story disconnects the zipping up and copying of the files from the deletion on iCloud. The story makes it sound like he deleted the files first and then, later copied them from the network directly.

I agree with you about copying the entire system - whether going to a competitor or not.

big_D Silver badge

Re: I wonder...

I reread the series last year. Still a classic and more relevant than ever.

big_D Silver badge

Re: Fool me once...

Company Apple kit gets company Apple accounts. No private accounts allowed.

big_D Silver badge

Re: Fool me once...

It also sounds like they have lax security, if the employee was able to connect his personal iCloud account to a company computer.

big_D Silver badge

SOP?

The complaint contends Cao received a written job offer from XMotors on December 12, and thereafter deleted 120,000 files from his iCloud and disconnected the cloud storage service from his Tesla-issued computer on December 26. And in the days leading up to his departure, it's claimed, Cao logged onto Tesla's secure network repeatedly, and then cleared his browser history before he left.

At my previous employers, deleting browser history, cookies, passwords, any private information from my employer's systems was SOP.

That he deleted the 120,000 files before disconnecting his iCloud account sounds like the opposite of stealing the source code... :-S

Of course, he might have copied them locally onto his home machine or a USB stick and passed them on, but the evidence provided makes him sound like a conscientious employee making sure he didn't take anything with him.

The creating of a Zip file is suspicious and doesn't bode well for him, but the first part looks to contradict the claims.

From an evidence point of view, it sounds like Cao can rebuke the accusations by saying he was clearing out his private accounts of any company data before leaving the company. The Zip file is more difficult, but not impossible to rebuke.

The bigger question is, why was his private iCloud account even allowed to be connected to company equipment? We have nothing like the trade secrets of Tesla, but no company data can be stored on non-company equipment and no private data, storage medium, hardware or services are allowed to be stored or attached to company equipment.

We aren't even allowed email on private smartphones, only company smartphones and they are locked down, you can't put any other apps than those authorized on the device and you are prohibited from installing non-company email or cloud services on the 'phone.

Chap joins elite support team, solves what no one else can. Is he invited back? Is he f**k

big_D Silver badge
Coat

Re: Unfortunately predicable

When driving equipment through the bay doors always make sure the bay doors are open first.

Points finger... It was HAL's fault!

big_D Silver badge

Re: Unfortunately predicable

Been there, done that, several times.

It is amazing how often people don't listen or read instructions, no matter how detailed - in fact the more detailed, the less likely they are to be followed.

big_D Silver badge

Re: Sometimes it is indeed better to do whats right ...

I managed to delete a database once. I was new on the project and the process was export bottom row data, delete all data, import, calculate (OLAP cube), because recalculating the bottom row data into the cube was 100x faster than recalculating an already filled cube...

Only, I forgot the first step...

My colleague just said, take the previous backup from the run 4 hours ago and blame it on the users! That is what he usually did, when he got it wrong.

Being more senior, I decided not to do that. I went to the manager of the customer's finance department, explained what I had done, told him I would restore from the last backup and replay the transaction file, but that it would take a little longer than usual. We lost the last 2 transactions. But I was praised by the customer for being honest and coming up with a workable solution.

Let's spin Facebook's Wheel of Misfortune! Clack-clack-clack... clack... You've won '100s of millions of passwords stored in plaintext'

big_D Silver badge

GDPR?

Facebook said it realized its error in January, during a security review, and discreetly fixed the problem.

So, they contravened GDPR. Were any European users affected? If so, it could be expensive.

Brit Police Federation cops to ransomware attack on HQ systems

big_D Silver badge

Over here, Germany, they are more pro-active.

A company where a friend works was contacted by the Federal Office for the Protection of the Constitution, because their IP address turned up on a known malware exchange site on the darknet. They were informed about the incident, that they might be targeted and were offered free consultation.

big_D Silver badge

Re: Run of the mill?

It has nothing to do with how often they get malware infections - or how often they are caught before they can do damage.

"Run of the mill" just means it is a general piece of malware, it wasn't targeted at a specific person or organisation.

big_D Silver badge

Re: Example?

Security is only as good as the weakest link. If you have some idiot in front of a keyboard opening an infected website or email that is carrying a so far unseen malware there isn't a lot you can do.

User training is almost more important than the actual electronic security systems.

The one thing I don't understand is how the backups got deleted. That the currently running backup job / the just finished backup job got deleted before the media was taken offline I could understand, unlucky, but possible.

But the first rule of backups is that they are offline when not being actively backed up to or restored from. You should also rotate your backup media.

Our backup rotation is pretty much the simplest you can get, 4 daily sets of backup media and 4 weekly backup sets, with monthly and annual backups stored off site.

Vengeful sacked IT bod destroyed ex-employer's AWS cloud accounts. Now he'll spend rest of 2019 in the clink

big_D Silver badge

Re: Voova should take some heat here...

That is why backups should never be on the same service, they should be separate and not accessible from the AWS servers or management account.

big_D Silver badge
Paris Hilton

Re: Voova should take some heat here...

That was my first thought as well. A couple of hours of downtime, while they restore from backups...

But, it's the cloud!

I don't hate US tech, snarls Euro monopoly watchdog chief – as Google slapped with €1.49bn megafine

big_D Silver badge

Re: I wonder

Given that more decisions are handed down on EU entities than Silicon Valley entities, I guess not...

From MySpace to MyFreeDiskSpace: 12 years of music – 50m songs – blackholed amid mystery server move

big_D Silver badge
Paris Hilton

Re: I wonder

But, it's the cloud!?

College student with 'visions of writing super-cool scripts' almost wipes out faculty's entire system

big_D Silver badge

No matter how careful you are...

I was making changes to some code, I made some changes, then had a brainwave. I stopped what I was doing and made a copy (.cobol) of the source code I was working on (.cob), then went back to work on the .cob files, putting my brainwave into effect. Tested it, it worked perfectly.

I then "cleaned" up the directory, wanting to delete the partially complete code (.cobol), only I got as far as del *.cob;* and hit enter... Then screamed! Then copied the .cobol back to .cob and did all the changes again, at least it only took 2 days the second time around, because I knew what I was doing... Lesson learned.

Just look at Q! Watch out Microsoft, the next Android has a proper desktop PC mode

big_D Silver badge

Re: Watch out Microsoft?

Given they are coming from mobile, I think it might not be a priority. And just look how long it took Windows and Linux to work effortlessly with multiple displays.

big_D Silver badge

Re: Watch out Microsoft?

I'll wait to see how Android copes with multiple (3 or more) external displays and a dozen and visible windows. Just don't get me started on all the legacy software.

All good, leave it with you...? Chap is roped into tech support role for clueless customer

big_D Silver badge

Re: Have you ever ended up being roped into doing more tech support than you’d bargained for?

She promised me a bottle of Russian vodka.

But I was reassigned before it arrived. :-(